27 lines
942 B
Org Mode
27 lines
942 B
Org Mode
:PROPERTIES:
|
|
:ID: 0dceeeca-7c23-41a8-b9dc-4642a09618db
|
|
:END:
|
|
#+title: Custom Routes
|
|
#+Author: Yann Esposito
|
|
#+Date: [2022-10-17]
|
|
|
|
- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
|
|
- source :: https://github.com/advthreat/iroh/issues/5411
|
|
* Reference
|
|
|
|
https://github.com/advthreat/iroh/issues/5411
|
|
|
|
|
|
We propose to provide two new endpoints to simplify and standardize this
|
|
integration system.
|
|
|
|
- ~POST /iroh/oauth/custom/code~ that could only called using a user's JWT with
|
|
the ~oauth:write~ scope. Given a ~client-id~ it will grant that client
|
|
(no need to pass via the CSRF token step) and returns a code
|
|
(directly and not a URL the client would need to parse)
|
|
- ~POST /iroh/oauth/custom/tokens~ that could only be called using a user's JWT
|
|
with the ~oauth:write~ scope.
|
|
|
|
This route also need a ~client_id~, ~client_secret~.
|
|
This will grant the client on behalf of the user and returns a classical ~/token~
|
|
response.
|